<?php
// var_dump(isset($_POST['user']));die;
if (isset($_SESSION['user'])) {
	header("location:http://demo.net/index.html");
}else{
	$servername = 'localhost';//127.0.0.1
	$dbname ='demo';
	$dbuser = 'root';
	$dbpass = 'root';
	$dbport = 3306;
	$dbtype = 'mysql';



	if (!empty($_POST['user']) && !empty($_POST['password'])) {
		$user = $_POST['user'];
		$password = md5($_POST['password']);

		$dsn = "$dbtype:host=$servername:$dbport;dbname=$dbname";
		try {
			$conn = new PDO($dsn,$dbuser,$dbpass);
	// echo "数据库连接成功";
		} catch (PDOException $e) {
		// echo $e->getMessage();
			echo "数据库连接失败";
		}
		$sql = "SELECT `name`,`password` FROM users WHERE `name` = '".$user."' AND `password` = '".$password."'";
		// echo $sql;die;
		$stmt = $conn ->query($sql);
		// var_dump($stmt);die;
		$arr = $stmt->fetchAll();
		// var_dump($arr);die;
		$arr = $arr[0];
		if ($user == $arr['name'] && $password == $arr['password']) {
			setcookie('user',md5($arr['name'].$arr['password']),time() + 3600);
			session_start();
			$_SESSION['user'] = md5($arr['name'].$arr['password']);
			header("location:http://demo.net/index.html");
		}else{
			echo "用户名或密码输入错误........";
		}
	}else{
		header("location:http://demo.net/login.php");
		// echo "请输入正确的用户名，密码登陆........";
	}
}




?>
